
Senior Cyber Security Analyst Resume


Houston, Texas

SUMMARY

  • Technology professional with 20-plus years of progressive IT security experience, with the last 5 years focusing primarily on cyber security. Management and customer service-related support experience, including but not limited to hardware and software troubleshooting, computer design, remote access, wireless setups, security, networking, and software/hardware testing.

TECHNICAL SKILLS

  • Darktrace, CrowdStrike, Rapid7
  • Citrix, VMware Migrations, BlackBerry Support (BES Server Support)
  • Windows XP and Windows 7 Migration
  • Microsoft SQL & Access experience
  • Microsoft Exchange 2003, 2007, 2010
  • Project management
  • Microsoft Server 2003, 2008, 2012
  • Data Center Experience
  • Microsoft Office 2003, 2007, 2010, 2013
  • Network Installations (Infrastructure, Rack & Stack, Data Center Experience)
  • Hardware/Network/Software troubleshooting
  • Active Directory Experience (Windows 2008)
  • Anomali Threat Intelligence
  • SolarWinds
  • Verisign
  • FireEye
  • Splunk
  • Proofpoint
  • Lancope Stealthwatch
  • Demisto - Security Orchestration, Automation, and Response (SOAR)
  • Endpoint Detection and Response (EDR) experience with Carbon Black Defense/Protect/Response
  • McAfee ePolicy Orchestrator
  • HP ArcSight (SIEM)

PROFESSIONAL EXPERIENCE

Confidential, Houston, Texas

Senior Cyber Security Analyst

Responsibilities:

  • Monitor penetration tickets and work with the offshore team to troubleshoot ongoing tickets
  • Review/investigate alerts for new and ongoing tickets from Darktrace and CrowdStrike
  • Incident response and ticket handling for phishing, internal information being shared, IP logins at unidentified locations, authenticity analysis, etc.
  • Experience documenting security threats and the steps taken to remediate issues
  • Vulnerability scanning with Rapid7 to inspect the potential points of exploit on a computer or network and identify security holes
  • General network knowledge of TCP/IP and IP protocols
  • Experience working with Darktrace, SecureWorks, and Digital Guardian for data loss prevention
  • Monitoring and responding to around 10+ tickets/day
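Added example (not part of this resume, and not any vendor's product code): a small Python check of the kind the "IP logins at unidentified locations" bullet above refers to. It builds a per-user baseline of previously seen login cities from constructed sample auth events, flags a login from a city not in that baseline, and flags impossible travel when two successive logins imply a speed no flight could reach. The event tuple layout, the city/lat/lon fields and the 900 km/h threshold are assumptions.

```python
"""Flag logins from locations a user has not been seen at, plus impossible travel.

Constructed sample data; the event layout and geolocation fields are assumptions,
not any SIEM or identity provider's schema.
"""
from datetime import datetime
from math import radians, sin, cos, asin, sqrt

# Constructed sample auth events: (user, UTC timestamp, source IP, city, lat, lon)
EVENTS = [
    ("alice", "2023-03-01T08:00:00", "203.0.113.10", "Houston", 29.76, -95.37),
    ("alice", "2023-03-01T12:30:00", "203.0.113.10", "Houston", 29.76, -95.37),
    ("alice", "2023-03-02T09:05:00", "198.51.100.7", "Houston", 29.76, -95.37),
    ("alice", "2023-03-02T09:40:00", "192.0.2.44",   "Kyiv",    50.45,  30.52),
    ("bob",   "2023-03-01T07:15:00", "203.0.113.20", "Dallas",  32.78, -96.80),
    ("bob",   "2023-03-03T07:20:00", "203.0.113.21", "Austin",  30.27, -97.74),
]

# Assumed threshold: roughly airliner speed; faster than this is physically impossible.
MAX_PLAUSIBLE_KMH = 900.0


def haversine_km(lat1, lon1, lat2, lon2):
    """Great-circle distance in km between two lat/lon points."""
    earth_radius_km = 6371.0
    dlat = radians(lat2 - lat1)
    dlon = radians(lon2 - lon1)
    a = sin(dlat / 2) ** 2 + cos(radians(lat1)) * cos(radians(lat2)) * sin(dlon / 2) ** 2
    return 2 * earth_radius_km * asin(sqrt(a))


def analyze(events):
    """Return a list of (user, timestamp, reason) findings.

    Two checks per user, in chronological order:
      new_location      - the city has never been seen for this user before this event
      impossible_travel - the speed implied since the previous login exceeds MAX_PLAUSIBLE_KMH
    """
    findings = []
    seen = {}   # user -> set of cities already observed
    last = {}   # user -> (datetime, lat, lon) of the previous login
    for user, ts, ip, city, lat, lon in sorted(events, key=lambda e: (e[0], e[1])):
        when = datetime.fromisoformat(ts)
        known = seen.setdefault(user, set())
        # The very first login seeds the baseline; later unseen cities are findings.
        if known and city not in known:
            findings.append((user, ts, f"new_location:{city}:{ip}"))
        known.add(city)
        if user in last:
            prev_when, plat, plon = last[user]
            hours = (when - prev_when).total_seconds() / 3600.0
            dist = haversine_km(plat, plon, lat, lon)
            if hours > 0 and dist / hours > MAX_PLAUSIBLE_KMH:
                findings.append((user, ts, f"impossible_travel:{dist:.0f}km_in_{hours:.2f}h"))
        last[user] = (when, lat, lon)
    return findings


if __name__ == "__main__":
    for finding in analyze(EVENTS):
        print(finding)
```

In practice the baseline would come from weeks of historical logins rather than the first event, and VPN egress points or mobile carrier NAT will produce false positives; the speed check is the more robust of the two because it does not depend on the baseline being complete.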

Confidential, Houston, Texas

Senior Cyber Security Analyst

Responsibilities:

  • Azure Cloud and Google Cloud Security Incidents
  • Firewall (Palo Alto Networks)
  • Security Information and Event Management (SIEM) - Splunk was preferred
  • Strong Windows and Linux administration experience
  • Internet Protocols and Services (e.g. TCP/IP, FTP, HTTPS, SSH)
  • Networking infrastructure (Cisco is preferred)
  • Vulnerability Testing tools (e.g. Nessus, Qualys)
  • Network scanning tools (e.g. NMAP)
  • Awareness of SCADA / IIoT technologies
  • Log analysis/ Windows event analysis
  • Network and Host forensics
  • Malware analysis and memory analysis
  • Antivirus solutions, virus outbreak management and the ability to differentiate virus activity from directed attack patterns
  • Strong troubleshooting and root cause analyses skills
  • Conducted network monitoring and intrusion detection analysis using various computer network defense tools (IDS/IPS), firewalls, and host-based security systems (HBSS)
  • Correlated network activity across networks to identify trends of unauthorized use
  • Researched emerging threats and vulnerabilities to aid in the identification of incidents for the Oil & Gas sector
  • Analyzed the results of the monitoring solutions, assessed and correlated the output using automated systems
  • Conducted triage, event correlation, classification and analysis of these events such that incidents are investigated and logged or followed up using the existing information risk incident management processes
  • Provided proactive feedback to enable improvement of the current monitoring rules, based on information and knowledge/experience from Confidential and industry best practices
  • Worked unsupervised/independently/remotely 30-40% of the time; also able to interact with and give direction to business and IT teams in line with established corporate security policies and processes
  • Develops and maintains constructive and cooperative working relationships with team members
  • Innate drive for creative, innovative ways to solve problems or minimize risk
  • Focused and results oriented
  • Ability to react quickly, decisively and deliberately in high-stress, high-impact situations
  • Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one

Confidential

Cyber Security Analyst

Responsibilities:

  • Taking an active approach/part in the security incident handling process: preparation, identification, containment, eradication, and recovery of incidents, even after escalation when necessary
  • Provide initial monitoring and triage of security incidents using all available cyber security tools including OSINT sources
  • Provide any communication and escalation support needed throughout the incident lifecycle per the bank's standard operating procedures or SLA
  • Monitor security incidents, events, and security access (such as VPN); manage network, intrusion detection and prevention systems, firewall, IDS, IPS, DLP
  • Understanding of various cyberattack techniques, including XSS, SQL injection, RATs (Remote Access Trojans), APTs (Advanced Persistent Threats, whose primary purpose is to steal data), worms, malware, and phishing.
  • Using Proofpoint email protection and threat insight for in-depth analysis of potential malicious emails
  • Analyze security breaches to determine their root cause
  • Recommend and install appropriate tools and countermeasures
  • Define, implement and maintain corporate security policies (per Bank)
  • Security awareness training
  • Contribute to a positive working environment and working well with others

Confidential

IT Support Analyst

Responsibilities:

  • Research and coordinate logistics plan with team of 25+ members
  • Team lead for a quarter of the team (one of four team leads)
  • Create documentation of business requirements, current and the future state workflows
  • Designs, codes/configures, tests, debugs, documents, and maintains programs/applications
  • Run setup/startup scripts and promptly confer with the team and analysts on any issues/solutions
  • Support existing functionality with further expansion to additional ambulatory offices

Confidential

SOC Analyst

Responsibilities:

  • Monitor SOC (Security Operations Center) systems for incidents and malicious activity
  • Analyze security events and identify relevant incidents
  • Using the ArcSight ESM SIEM event logging tool to analyze threats detected by IPS/IDS
  • Analysis of data strings and payloads in hexadecimal and ASCII in ArcSight
  • Creating cases in ArcSight ESM for the annotation of events and incidents
  • Configuring active channels in ArcSight ESM
  • Creating Use Cases/Event Rules in ArcSight ESM
  • Working in a team environment of multiple information security departments and vendors
  • Continually improving incident response, crisis management, and procedures in weekly reports and proposals
  • Writing and Updating Knowledge Base articles
  • Researching the latest threats (APTs), attacks, and malware for mitigation
  • Giving Brown Bag presentations and writing White Papers on Information Security response and procedures
  • Proficient in Kali Linux and Metasploit for Penetration Testing
  • Using Information Security tools for Network Mapping, IP and Packet Tracing
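Added example (not the candidate's code and not ArcSight's) illustrating the hex/ASCII payload review in the SOC Analyst bullets above: it takes a constructed hexdump-style payload field, strips the offset column, decodes it to bytes, renders it the way an analyst's ASCII pane would, and matches it against a small assumed indicator list. The dump format and the indicator patterns are assumptions, not ArcSight's schema or rule content.

```python
"""Decode an IDS/SIEM hex payload dump to ASCII and look for attack indicators.

Added example of the hex/ASCII payload review technique; the sample alert
payload and the indicator list are constructed here, not taken from any product.
"""
import re

# Constructed sample: a SIEM payload field rendered as offset + hex bytes per line,
# the way many IDS consoles display captured packet data.
SAMPLE_PAYLOAD_HEX = """
0000  47 45 54 20 2f 73 65 61 72 63 68 3f 71 3d 31 27
0010  20 55 4e 49 4f 4e 20 53 45 4c 45 43 54 20 31 2c
0020  32 2c 33 2d 2d 20 48 54 54 50 2f 31 2e 31 0d 0a
"""

# Assumed, deliberately small indicator set; a real SOC would use tuned rules.
INDICATORS = {
    "sqli":     re.compile(rb"(?i)union\s+select|'\s*or\s+1\s*=\s*1|--\s"),
    "xss":      re.compile(rb"(?i)<script|javascript:|onerror\s*="),
    "cmd":      re.compile(rb"(?i)cmd\.exe|/bin/sh|powershell"),
    "webshell": re.compile(rb"(?i)eval\(|base64_decode\("),
}

# An offset column is 4-8 hex digits followed by at least two spaces.
OFFSET = re.compile(r"^\s*[0-9a-fA-F]{4,8}\s{2,}")


def hexdump_to_bytes(dump):
    """Turn a hexdump-style payload (optional offset column, spaces, newlines) into bytes."""
    hexdigits = []
    for line in dump.splitlines():
        line = OFFSET.sub("", line, count=1)          # drop the offset column if present
        hexdigits.append(re.sub(r"[^0-9a-fA-F]", "", line))
    joined = "".join(hexdigits)
    if len(joined) % 2:
        raise ValueError("odd number of hex digits in payload dump")
    return bytes.fromhex(joined)


def printable(data):
    """Render bytes as ASCII with non-printables shown as '.', like an analyst's hex view."""
    return "".join(chr(b) if 0x20 <= b < 0x7F else "." for b in data)


def classify(data):
    """Return the sorted names of indicators whose pattern appears in the raw bytes."""
    return sorted(name for name, rx in INDICATORS.items() if rx.search(data))


def triage(dump):
    """Decode a payload dump and return the ASCII rendering, length and indicator hits."""
    data = hexdump_to_bytes(dump)
    return {"ascii": printable(data), "length": len(data), "hits": classify(data)}


if __name__ == "__main__":
    result = triage(SAMPLE_PAYLOAD_HEX)
    print(result["length"], "bytes:", result["ascii"])
    print("indicators:", result["hits"])
```

Matching is done on the raw bytes rather than on the dotted ASCII rendering so that a non-printable byte inside a keyword does not hide a hit; the rendering is only for the analyst's eyes.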

Confidential

Network Engineer/Consultant

Responsibilities:

  • Configuration of Microsoft Exchange 2007&2010
  • Configuration of Microsoft Server 2008 R2, Server 2012 w/Server Essentials
  • Configuration of Backups, Restores, and Disaster Recovery using Enterprise software
  • Configure/modify active directory and group policies
  • Implementation of VMware, P2V migrations/virtualization
  • Install and configure Cisco/SonicWall VPNs & firewalls, email security, backup
  • Managing various business customers' needs - total IT solution

Confidential

SysAdmin

Responsibilities:

  • Part of the Asset Management Move Team
  • Responsible for Reimaging Windows 7 on Dell High End workstations (T7500)
  • Responsible for Reimaging Linux via Kickstart on Dell High End workstations
  • Performed QC (Quality Control) on new environment moved to the new site
  • Troubleshooting connectivity issues
  • Updated tasks/changes via BMC Remedy
  • Team Lead

Confidential

Systems/Network Engineer/Consultant

Responsibilities:

  • Provided full network support to small- to medium-size businesses
  • Regular monitoring and maintenance of the servers, clients and infrastructure equipment
  • Performance analysis, Pro-Active server/desktop maintenance and support
  • Active Directory planning and troubleshooting
  • Exchange implementation and troubleshooting
  • Firewall configuration experience

Confidential

System Analyst

Responsibilities:

  • Migrations from Windows XP to Windows 7
  • Full disk Backup and Encryption
  • Mapping Drives and Printers
  • Hardware and software troubleshooting
  • Imaging and documentation
  • Altiris Ticketing and software delivery
  • Identifying problems, and applying optimum solutions
  • Communicating resolutions to customers, team, and incident management resolution

Confidential

Data Center Engineer

Responsibilities:

  • Ensure production schedules and commitments are met and the Data Center maintains 100% uptime through impeccable housekeeping and robust operational discipline.
  • Provision virtual data centers (vDCs) and use VMware vSphere resources from a single console
  • Coordinate with vendors and contractors to ensure Data Center needs are met in a timely and cost effective manner.
  • Physical rack & stack server equipment such as HP, Confidential, Cisco Blade, Avamar, Dell and cable management.
  • Responsible for physical installation of system memory, CPUs, heatsinks, blades, hard drives, racks, and anything else hardware related.
  • Supported Windows Server 2003, 2008 which included monitoring health status and also patching.
  • Provide performance metric based reports to IT management.
  • Responsible for updating all Visio drawings regarding rack space, capacity reports, power whips, and PDUs.
  • Excellent written, verbal and interpersonal skills.
  • Followed Industry Standards for wiring, cabling, power, cooling, raised flooring, and racking & stacking

Confidential

Support Analyst

Responsibilities:

  • Performed basic desktop support for end users, which included remotely accessing machines via Dameware/RDP to optimize, maintain, and support servers, laptops and desktops
  • Install, upgrade, repair and maintain desktop and notebook computers as well as printers, scanners, and other peripheral devices.
  • Troubleshooting and installing wired and wireless LANs
  • Virus and spyware removal/optimization
  • Troubleshooting operating system issues (Windows 2000/XP/7, Server 2003/2008)
  • Full disk Backup and Encryption
  • Mapping Drives and Printers
  • Hardware and software troubleshooting
  • Imaging and documentation
  • Excellent customer service and account management
  • Excellent written and verbal communication skills
  • Updating Ticketing and software system
  • Identifying problems, and applying optimal solutions
